How to configure my Azure VM Endpoint ACL to allow connection from my Azure Webjob on the same portal

Question

I have a WebJob on an Azure Website that needs to connect to a VM Endpoint to make REST calls.

My Endpoint is configured to deny all except my company's IP range. Now what rule would I need to add or url should I use so my webjob can connect to the endpoint?

I have tried the following without success:

• Allow my website virtual IP address in the ACL
• Connect to the endpoint using the internal IP instead of the DNS without changing the ACL
• Connect to the endpoint using the public virtual IP instead of the DNS without changing the ACL

This works but is not what I am looking for:

• Remove the current ACL and allow all
• Keep the ACL but add a /16 rule with my website IP

Thank you for your help, and let me know if you need precision!

Answer 1

I need the same thing but it seems as though is not possible right now. Looking at this answer on a related question:

Azure Web Sites do not have dedicated outbound IP addresses for each deployment. This precludes you from using ACLs or Virtual Networks to connect to your Redis / Solr virtual machines.

So even though you can have a (reasonably) fixed incoming IP address on Azure Websites, the outgoing address is highly unpredictable and as far as I can see, the only exclusion that you could make was to restrict it to the entire range of IP addresses for that data centre which is far from ideal.

Answer 2

A solution moving forward will be to connect your Azure Website and the VM on the same Virtual Network. As of my writing this it is still in Preview so it still is not ready for production use just yet.

Here is more information on it: http://azure.microsoft.com/blog/2014/09/15/azure-websites-virtual-network-integration/